1 { lib, pkgs, config, ... }:
3 cfg = config.myServices.ejabberd;
7 ejabberd.enable = lib.mkOption {
11 Whether to enable ejabberd service.
16 config = lib.mkIf cfg.enable {
17 security.acme.certs = {
18 "ejabberd" = config.myServices.certificates.certConfig // {
21 domain = "eldiron.immae.eu";
23 systemctl restart ejabberd.service
27 "conference.immae.fr" = null;
28 "proxy.immae.fr" = null;
29 "pubsub.immae.fr" = null;
30 "upload.immae.fr" = null;
34 networking.firewall.allowedTCPPorts = [ 5222 5269 ];
35 myServices.websites.tools.im.enable = true;
36 systemd.services.ejabberd.postStop = ''
37 rm /var/log/ejabberd/erl_crash*.dump
41 dest = "ejabberd/psql.yml";
47 sql_server: "localhost"
48 sql_database: "${config.myEnv.jabber.postgresql.database}"
49 sql_username: "${config.myEnv.jabber.postgresql.user}"
50 sql_password: "${config.myEnv.jabber.postgresql.password}"
54 dest = "ejabberd/host.yml";
61 domain_certfile: "${config.security.acme.certs.ejabberd.directory}/full.pem"
63 ldap_servers: ["${config.myEnv.jabber.ldap.host}"]
65 ldap_rootdn: "${config.myEnv.jabber.ldap.dn}"
66 ldap_password: "${config.myEnv.jabber.ldap.password}"
67 ldap_base: "${config.myEnv.jabber.ldap.base}"
71 ldap_filter: "${config.myEnv.jabber.ldap.filter}"
75 users.users.ejabberd.extraGroups = [ "keys" ];
77 package = pkgs.ejabberd.override { withPgsql = true; };
81 ERLANG_NODE=ejabberd@localhost
83 configFile = pkgs.runCommand "ejabberd.yml" {
84 certificatePrivateKeyAndFullChain = "${config.security.acme.certs.ejabberd.directory}/full.pem";
85 certificateCA = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
86 sql_config_file = config.secrets.fullPaths."ejabberd/psql.yml";
87 host_config_file = config.secrets.fullPaths."ejabberd/host.yml";
89 substituteAll ${./ejabberd.yml} $out